it-securitynotifies AT lists.piratenpartei.de
Betreff: Sicherheitsankündigungen
Listenarchiv
- From: Moritz Muehlenhoff <jmm AT debian.org>
- To: debian-security-announce AT lists.debian.org
- Subject: [IT-SecNots] [SECURITY] [DSA 4921-1] nginx security update
- Date: Fri, 28 May 2021 12:05:07 +0000
- Authentication-results: mail02.piratenpartei.de; dkim=none; spf=none (mail02.piratenpartei.de: domain of "bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org" has no SPF policy when checking 82.195.75.100) smtp.mailfrom="bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org"; dmarc=none
- List-archive: https://lists.debian.org/msgid-search/20210528120507.GA8770 AT seger.debian.org
- List-id: <debian-security-announce.lists.debian.org>
- List-url: <http://lists.debian.org/debian-security-announce/>
- Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Content-Type:MIME-Version:Message-ID:Subject:To:From: Date:Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=0KOls2PvTusiseKPj7oiLewC9vxQP9KRfVzTuOvhsuk=; b=jk ks73u3NLuBjOoINtaKs2LN1/B8sO1okDs/fYjC4c/5Kj4j8EodqAeJBWgqnaHTIbCo/i1H9z829CE jnSlzY5EYinS03U9Tgy0CRs15bkiUZ99wl+lIULhyNSse+rhR1NGzQRlMgcaCdVdv72QrSOQfet4W XSfhcDTDB1YjuUGTdEoiwzh1Oh3r8wm7VVA9ZU//0G9pN/oFcbtDjxol/G6phsij/w7CkSXK1UFRD 0pefMoasUCKyvsoi2KB5nKF6VWTn1AaGroP77z3bzNLtFX93lQTpdMvQbeBmxTkDvHHRdZF4FZo4G x+93OzifbPa6FOB4fcmTBgwECmLnOUlQ==;
- Old-return-path: <jmm AT seger.debian.org>
- Priority: urgent
- Resent-date: Fri, 28 May 2021 12:05:27 +0000 (UTC)
- Resent-from: debian-security-announce AT lists.debian.org
- Resent-message-id: <WcB-dj9R4JD.A.OdC.HyNsgB@bendel>
- Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-4921-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
May 28, 2021 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : nginx
CVE ID : CVE-2021-23017
Debian Bug : 989095
Luis Merino, Markus Vervier and Eric Sesterhenn discovered an off-by-one
in Nginx, a high-performance web and reverse proxy server, which could
result in denial of service and potentially the execution of arbitrary
code.
For the stable distribution (buster), this problem has been fixed in
version 1.14.2-2+deb10u4.
We recommend that you upgrade your nginx packages.
For the detailed security status of nginx please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/nginx
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmCw3CMACgkQEMKTtsN8
TjYgGA/9FlgRs/kkpLxlnM5ymYDA+WAmc44BiKLajlItjdw54nifSb7WJQifSjND
wWz6/1Qc2R84mgovtdReIcgEQDDmm8iCpslsWt4r/iWT5m/tlZhkLhBN1AyhW8VS
u1Goqt+hFkz0fZMzv1vf9MwRkUma8SjxNcQdjs4fHzyZAfo+QoV4Ir0I7DIMKkZk
N5teHqHIMaDasRZFQSpL8NuZC+JN5EEpB764mV+O/YqVrWeE9QUAnL0FgjcQUnmh
iQ5AmMJRtAnQXXu9Qkpx9WtDemHLFHC9JsWEKE3TJAegA4ZhfOo5MZcjesn6EoqV
8rXAAupWzO5/wTxMeulqz4HTLeYPs+jTSONHwT1oG9kgY59jVcNVjg2DcGbG3/17
ueZdGTy70pgLSL6IKILNBgqHh0AqSyyuZmocy07DNGay+HzwuFSBq4RCCved+EPW
4CMtIPSujjPzQqvg15gFNKt/7T2ZfKFR7zVfm0itI6KTjyAhmFhaNYNwWEifX68u
8akhscDlUxmDQG1kbQ2u/IZqWeKG/TpbqaaTrTl6U+Gl1hmRO06Y4AckW1Xwm2r4
CFSO9uHeNte5Vsw+4NlDntzRZOOfJ6qW8x0XF5Vgn7R9mfYPlvIWJgptsgrrijnf
lhCPw5JMpzQ4afWlRUvQiaf0lOIySKIfv05wHPtIablmgjIGny4=
=qxQw
-----END PGP SIGNATURE-----
- [IT-SecNots] [SECURITY] [DSA 4921-1] nginx security update, Moritz Muehlenhoff, 29.05.2021
Archiv bereitgestellt durch MHonArc 2.6.24.